General
-
Target
c697a61a5e82540256e0b2fa7aa142e69e65921c2baf8fea01f2522cb36663da
-
Size
661KB
-
Sample
221128-jbfywseh79
-
MD5
a33968b3df4fb9fcced418ef89ad2b56
-
SHA1
30ec67510f8848cf79f9f1131f5e907b1877ef77
-
SHA256
c697a61a5e82540256e0b2fa7aa142e69e65921c2baf8fea01f2522cb36663da
-
SHA512
a5927d264f2cd1b6aa10f895baee2e63b65156d0cc3a3e5182127e6bd222026696cd9a8fdf5b793c0925beca75a70e2d904219461ca254dd4ca13d9bc11037c5
-
SSDEEP
12288:YDGc5pbKbfrBOvQQfswt6hheat1ZE/89TU+HtQL+:YxzbKXBQPUJhcat1o89tHt
Static task
static1
Behavioral task
behavioral1
Sample
c697a61a5e82540256e0b2fa7aa142e69e65921c2baf8fea01f2522cb36663da.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
c697a61a5e82540256e0b2fa7aa142e69e65921c2baf8fea01f2522cb36663da
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-